Search everything...

Stats

Actions

Available In

cybersecurity-skills

Name: cybersecurity-skills
Author: mukul975

By mukul975

Provides structured guidance for executing cybersecurity operations across penetration testing, incident response, threat hunting, cloud security, and malware analysis, with step-by-step procedures and tool usage.

npx claudepluginhub mukul975/anthropic-cybersecurity-skills --plugin cybersecurity-skills

Popularity

Stars

Top 1%

13,210

Med: 0·Avg: 285

Installs

Top 1%

Med: 0·Avg: 1

What's Inside

Skills754

acquiring-disk-image-with-dd-and-dcfldd

/acquiring-disk-image-with-dd-and-dcfldd

Create forensically sound bit-for-bit disk images using dd and dcfldd while preserving evidence integrity through hash verification.

analyzing-active-directory-acl-abuse

/analyzing-active-directory-acl-abuse

Detect dangerous ACL misconfigurations in Active Directory using ldap3 to identify GenericAll, WriteDACL, and WriteOwner abuse paths

analyzing-android-malware-with-apktool

/analyzing-android-malware-with-apktool

Perform static analysis of Android APK malware samples using apktool for decompilation, jadx for Java source recovery, and androguard for permission analysis, manifest inspection, and suspicious API call detection.

analyzing-api-gateway-access-logs

/analyzing-api-gateway-access-logs

Parses API Gateway access logs (AWS API Gateway, Kong, Nginx) to detect BOLA/IDOR attacks, rate limit bypass, credential scanning, and injection attempts. Uses pandas for statistical analysis of request patterns and anomaly detection. Use when investigating API abuse or building API-specific threat detection rules.

analyzing-apt-group-with-mitre-navigator

/analyzing-apt-group-with-mitre-navigator

Analyze advanced persistent threat (APT) group techniques using MITRE ATT&CK Navigator to create layered heatmaps of adversary TTPs for detection gap analysis and threat-informed defense.

Stats

Version1.0.0

ReleasedApr 6, 2026

LanguagePython

Stars13,210

Forks1,548

Copy clicks18

MaintenanceExcellent

LicenseApache-2.0

Last CommitJun 1, 2026

AddedMar 24, 2026

Actions

View on GitHub View README Plugin Marketplace JSON

Own this plugin?

Verify ownership to unlock analytics, metadata editing, and a verified badge. GitHub access is read-only (username + org membership).

Available In

anthropic-cybersecurity-skills13,247 anthropic-cybersecurity-skills13 cybersecurity-skills-zh10 anthropic-cybersecurity-skills anthropic-cybersecurity-skills

README

Anthropic Cybersecurity Skills

The largest open-source cybersecurity skills library for AI agents

754 production-grade cybersecurity skills · 26 security domains · 5 framework mappings · 26+ AI platforms

Get Started · What's Inside · Frameworks · Platforms · Contributing

⚠️ Community Project — This is an independent, community-created project. Not affiliated with Anthropic PBC.

Give any AI agent the security skills of a senior analyst

A junior analyst knows which Volatility3 plugin to run on a suspicious memory dump, which Sigma rules catch Kerberoasting, and how to scope a cloud breach across three providers. Your AI agent doesn't — unless you give it these skills.

This repo contains 754 structured cybersecurity skills spanning 26 security domains, each following the agentskills.io open standard. Every skill is mapped to five industry frameworks — MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, MITRE D3FEND, and NIST AI RMF — making this the only open-source skills library with unified cross-framework coverage. Clone it, point your agent at it, and your next security investigation gets expert-level guidance in seconds.

Five frameworks, one skill library

No other open-source skills library maps every skill to all five frameworks. One skill, five compliance checkboxes.

Framework	Version	Scope in this repo	What it maps
MITRE ATT&CK	v19.1	15 tactics · 286 techniques	Adversary behaviors and TTPs
NIST CSF 2.0	2.0	6 functions · 22 categories	Organizational security posture
MITRE ATLAS	v5.4	16 tactics · 84 techniques	AI/ML adversarial threats
MITRE D3FEND	v1.3	7 categories · 267 techniques	Defensive countermeasures
NIST AI RMF	1.0	4 functions · 72 subcategories	AI risk management

Example — a single skill maps across all five:

Skill	ATT&CK	NIST CSF	ATLAS	D3FEND	AI RMF
`analyzing-network-traffic-of-malware`	T1071	DE.CM	AML.T0047	D3-NTA	MEASURE-2.6

MITRE ATT&CK v19.1 — 754/754 skills mapped

Every skill carries a mitre_attack frontmatter list validated against MITRE ATT&CK v19.1 (the latest release) using the official mitreattack-python library — 286 distinct techniques across all 15 Enterprise tactics, plus ICS and Mobile techniques where relevant. Zero revoked or deprecated IDs. v19.1's restructured Defense Evasion (now split into Stealth and Defense Impairment) is reflected below.

View full README on GitHub